CVE-2018-10881 (retired)

A flaw was found in the Linux kernel's ext4 filesystem. A local user cancause an out-of-bound access in ext4_get_group_info function, a denial ofservice, and a system crash by mounting and operating on a crafted ext4filesystem image.

Ubuntu-Description

Wen Xu discovered that the ext4 filesystem implementation in the Linuxkernel did not properly keep meta-data information consistent in somesituations. An attacker could use this to construct a malicious ext4 imagethat, when mounted, could cause a denial of service (system crash).